Security & data
Plain answers to the questions that matter. No certification theatre – just what we do, stated so you can hold us to it.
Security commitments
Where your data lives
Project data is stored on UK/EU infrastructure, encrypted in transit (TLS) and at rest. Evidence files are hash-recorded at upload so later tampering is detectable.
Who can see it
Only the parties on your project. Access is role-based and tenant-isolated: a studio cannot see another studio's projects, and clients see only what belongs to them. Bespea operators access data only for support and platform integrity, and operator actions are logged.
What we record
Milestone decisions, evidence submissions, acceptances and rejections are kept as an append-only audit trail. That trail is the point of the product – it is never silently edited.
If Bespea ever shuts down
You get your full project record exported – evidence, decisions and the audit trail. It is your record, not ours.
During the pilot
Bespea is in a controlled private pilot. Participants are admitted by invitation, the scope of each pilot is agreed in writing, and no live funds are handled through the platform unless a regulated payment partner is active for that project.
Questions, disclosures or data requests: contact@bespea.com. See also our Privacy Policy and Data Processing Addendum.